5bba91d7a146fd15aa4ec503bbf77689_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5bba91d7a146fd15aa4ec503bbf77689_JaffaCakes118
Size

135KB
MD5

5bba91d7a146fd15aa4ec503bbf77689
SHA1

97deb1a37a86f3bb9f4f4974eff8f42c270cab2c
SHA256

b5115d01922372cce2019ec60f3a3a4e1a65601e3a5a667904329673340e9b5b
SHA512

18bbaa553e72bc976993039e5dd41169f0cb7fd738ccadf1737cdbe6d2725603421b54081ec87b94df487418c71888b0012660eba7214f4472e507ad233b6261
SSDEEP

3072:cKXtbs4jam3F3XdBmKmbsyVz9r7DdSjkgRA7KtYlqZS/Nw7QP7q:cotj1JdBmKWswzNDdS4OA7K2lqwFw2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bba91d7a146fd15aa4ec503bbf77689_JaffaCakes118

Files

5bba91d7a146fd15aa4ec503bbf77689_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f2d57f5d84edb8ca5869aa7f2ba89103

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msoert2

HrGetStyleSheet
HrCreateTridentMenu
CchFileTimeToDateTimeW
CchFileTimeToDateTimeSz
HrDecodeObject
CleanupFileNameInPlaceA
StripCRLF
PszDupA
OpenFileStreamShareW
StrToUintA
CreateNotify
HrCheckTridentMenu
MessageBoxInstW
WriteStreamToFileW
PVGetCertificateParam
HrGetCertKeyUsage
HrIndexOfWeek

msvcirt

??_Dostream@@QAEXXZ
?ebuf@streambuf@@IBEPADXZ
??0streambuf@@IAE@XZ
?seekoff@stdiobuf@@UAEJJW4seek_dir@ios@@H@Z
?ends@@YAAAVostream@@AAV1@@Z
??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
??1filebuf@@UAE@XZ
??6ostream@@QAEAAV0@PBD@Z
??_7logic_error@@6B@
??0istrstream@@QAE@ABV0@@Z
??4iostream@@IAEAAV0@PAVstreambuf@@@Z
?read@istream@@QAEAAV1@PAEH@Z
??_Giostream@@UAEPAXI@Z
?good@ios@@QBEHXZ
??6ostream@@QAEAAV0@K@Z
?getdouble@istream@@AAEHPADH@Z
?blen@streambuf@@IBEHXZ
??_7ofstream@@6B@
??0strstream@@QAE@ABV0@@Z
??0fstream@@QAE@XZ

kernel32

CreateEventW
Process32FirstW
GlobalFindAtomA
FreeEnvironmentStringsA
AddLocalAlternateComputerNameA
VerifyVersionInfoW
MulDiv
GetConsoleCommandHistoryW
LoadLibraryA
SetConsoleCursorInfo
EnumDateFormatsExA
GetCommModemStatus
OutputDebugStringA
SetLastError
SetSystemTimeAdjustment
WriteConsoleInputW
FatalAppExitW
VirtualAlloc
TlsAlloc
GetDefaultCommConfigW
RtlUnwind
ReleaseMutex
IsValidCodePage
WaitNamedPipeA

catsrvut

ManagedRequestW
??1CComPlusComponent@@UAE@XZ
WinlogonHandlePendingInfOperations
??_7CComPlusInterface@@6B@
??4CComPlusComponent@@QAEAAV0@ABV0@@Z
COMPlusUninstallActionW
QueryUserDllW
??4CComPlusInterface@@QAEAAV0@ABV0@@Z
RunMTSToCom
?GetITypeLib@CComPlusTypelib@@QAEPAUITypeLib@@XZ
??4CComPlusObject@@QAEAAV0@ABV0@@Z
FindAssemblyModulesW
RegDBBackup
??_7CComPlusObject@@6B@
??0CComPlusMethod@@QAE@ABV0@@Z
??_7CComPlusComponent@@6B@
SysprepComplus2

mapi32

OpenIMsgSession@12
OpenIMsgOnIStg@44
HrComposeMsgID@24
WrapProgress@20
BuildDisplayTable@40
cmc_send_documents
HrQueryAllRows@24
cmc_logon
FBadRowSet@4
ScRelocProps@20
MAPIInitialize
MNLS_lstrcpyW@8
MAPIAllocateBuffer@8
ScBinFromHexBounded@12
FBadRow@4
LAUNCHWIZARD
DeinitMapiUtil@0
UNKOBJ_Free@8

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 59KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2d57f5d84edb8ca5869aa7f2ba89103

Headers

DLL Characteristics

File Characteristics

Imports

msoert2

msvcirt

kernel32

catsrvut

mapi32

Sections

.text Size: 31KB - Virtual size: 31KB

Size: 41KB - Virtual size: 41KB

Size: 59KB - Virtual size: 202KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 304B

.text
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 304B